Core policy for shells, and generic programs in /bin, /sbin, /usr/bin, and /usr/sbin.

Policy controlling access to network objects

Device nodes and interfaces for many basic system devices.

Core policy for domains.

Basic filesystem types and interfaces.

Policy for filesystems.

Policy for kernel threads, proc filesystem, and unlabeled processes and objects.

Multicategory security policy

Multilevel security policy

Policy for kernel security interface, in particular, selinuxfs.

Policy controlling access to storage devices

Policy for terminals.

User-based access control policy

Policy for allowing confined domains to use unlabeled_t packets

Audit administrator role

Log administrator role

Security administrator role

Administrator's unprivileged user

General system administration role

No Interfaces

Unconfined user role

Generic unprivileged user

Policy for the kernel modules, kernel image, and bootloader.

Determine of the console connected to the controlling terminal.

Policy for dmesg.

Network analysis utilities

Run shells with substitute user and group

Execute a command with a substitute user

Policy for managing user accounts.

Filesystem namespacing/polyinstantiation application.

Policy for user executable applications.

Common policy for authentication and user login.

Policy for reading and setting the hardware clock.

Tools for filesystem management, such as mkfs and fsck.

Policy for getty.

Policy for changing the system host name.

Policy for hotplug system, for supporting the connection and disconnection of devices at runtime.

System initialization programs (init and init scripts).

TCP/IP encryption

Policy for iptables.

Policy for kdbusfs.

Policy for system libraries.

Policy for local logins.

Policy for the kernel message logger and system logging daemon.

Policy for logical volume management programs.

Miscelaneous files.

Policy for kernel module utilities

Policy for mount.

NetLabel/CIPSO labeled networking management

Policy for SELinux policy and userland applications.

SELinux MLS/MCS label translation service.

Policy for network configuration: ifconfig and dhcp client.

SELinux policy for systemd components

Policy for udev.

The unconfined domain.

Policy for user domains

PostgreSQL relational database

Secure shell client and server policy.

X Windows Server

ABRT - automated bug-reporting tool

AccountsService and daemon for manipulating user account information via D-Bus.

Berkeley process accounting.

GNAT Ada95 compiler.

Andrew Filesystem server.

Automatic IPv6 Connectivity Client Utility.

Aide filesystem integrity checker.

Aisexec Cluster Engine.

policy for ajaxterm

Advanced Linux Sound Architecture utilities.

Advanced Maryland Automatic Network Disk Archiver.

High-performance interface between an email server and content checkers.

Abstract Machine Test Utility.

Anaconda installer.

SELinux policy for antivirus programs - amavis, clamd, freshclam and clamscan

Apache web server

APC UPS monitoring daemon.

Advanced power management.

Advanced package tool.

Ethernet activity monitor.

Asterisk IP telephony server.

Tool for non-root processes to bind to reserved ports.

policy for authconfig

Filesystem automounter service.

mDNS/DNS-SD daemon implementing Apple ZeroConf architecture.

Log file analyzer for advanced statistics.

System backup scripts.

Cross platform network backup.

configuration management suite.

Berkeley Internet name domain DNS server.

BIRD Internet Routing Daemon.

Tunnels instant messaging traffic to a virtual IRC channel.

The blkmapd daemon performs device discovery and mapping for pNFS block layout client.

Tool to manage Bluetooth devices.

Bluetooth tools and system services.

policy for boinc

Utilities for configuring the Linux ethernet bridge.

brltty is refreshable braille display driver for Linux/Unix

Bugtracker.

policy for bumblebee

policy for cachefilesd

Squid log analysis.

PBX software.

Kana-kanji conversion server.

Cluster Configuration System.

Record audio or data Compact Discs from a master.

Remote certificate distribution framework.

Certificate status monitor and PKI enrollment client.

Digital Certificate Tracking.

System administration tool for networks.

policy for cgdcbxd

libcg is a library that abstracts the control group file system in Linux.

policy for chrome

Chrony NTP background daemon.

openstack-cinder

Encrypted tunnel daemon.

ClamAV Virus Scanner

Clock speed measurement and manipulation.

Clustered Mirror Log Server.

cloudform policy

Cluster mirror log daemon.

Cobbler installation server.

policy for cockpit

Statistics collection daemon for filling RRD files.

GNOME color manager

Comsat, a biff server.

policy for condor

Conman is a program for connecting to remote consoles being managed by conmand

Framework for facilitating multiple user sessions on desktops.

The open-source application container engine.

Corosync Cluster Engine.

Document database server.

Courier IMAP and POP3 email servers

Services for loading CPU microcode and CPU frequency scaling.

Command-line CPU frequency settings.

cpuplugd - Linux on System z CPU and memory hotplug daemon

Periodic execution of scheduled commands.

policy for ctdbd

Common UNIX printing system.

Concurrent versions system.

Cyphesis WorldForge game server.

Cyrus is an IMAP service intended to be run on sealed servers.

Collection of tools for managing UNIX services.

Dante msproxy and socks4/5 proxy server.

Database administrator role.

Dictionary server for the SKK Japanese input method system.

Desktop messaging bus

Distributed checksum clearinghouse spam filtering.

Update dynamic IP address at DynDNS.org.

ddcprobe retrieves monitor and graphics card information.

SSH dictionary attack mitigation.

Devicekit modular hardware abstraction layer

Dynamic host configuration protocol server.

Dictionary daemon.

Server for managing and downloading certificate revocation lists.

policy for dirsrv

Administration Server for Directory Server, dirsrv-admin.

Distributed compiler daemon.

Small and secure DNS daemon.

DomainKeys Identified Mail milter.

Decode DMI data for x86/ia64 bioses.

DNS forwarder and DHCP server.

policy for dnssec_trigger

Enables DNSSEC protection for DNS traffic.

Dovecot POP and IMAP mail server

Debian package manager.

Mirrors a block device over the network to another machine.

policy for dspam

Generate entropy from audio input.

A highly-available key value store for shared configuration.

Evolution email client.

Mail transfer agent.

Update firewall filtering to ban IP addresses with too many password failures.

Fibre Channel over Ethernet utilities.

Remote-mail retrieval and forwarding utility.

Finger user information service.

Service daemon with a D-BUS interface that provides a dynamic managed firewall.

system-config-firewall dbus system service.

Final system configuration run during the first boot after installation of Red Hat/Fedora systems.

DBus fingerprint reader service.

Remote-Console (out-of-band) and System Management Software (in-band) based on Intelligent Platform Management Interface specification

policy for freqset

File transfer protocol service.

fwupd is a daemon to allow session software to update device firmware

Various games.

OpenH.323 Voice-Over-IP Gatekeeper.

GNUstep distributed object mapper.

The open-source application container engine.

Geoclue is a D-Bus service that provides location information

Peer to peer file sharing tool.

GIT revision control system.

Tools for managing and hosting git repositories.

OpenStack image registry and delivery service.

policy for glusterd

GNU network object model environment (GNOME)

Gnome clock handler for setting the time.

Policy for GNU Privacy Guard and related programs.

General Purpose Mouse driver.

gpsd monitor daemon.

policy for gssproxy

Least privledge terminal user role.

Software for reliable, scalable, distributed computing.

Hardware abstraction layer.

Hard disk temperature tool running as a daemon.

policy for hostapd

Port of Apple Rendezvous multicast DNS.

Hsqldb is transactional database engine with in-memory and disk-based tables, supporting embedded and server modes.

Dump topology and locality information from hardware tables.

policy for hypervkvp

IIIMF htt server.

ShoutCast compatible streaming media server.

Bring up/down ethernet interfaces based on cable detection.

iMaze game server.

Internet services daemon.

Internet News NNTP server.

IP over DNS tunneling daemon.

Simple top-like I/O monitor

Policy for IPA services.

IPMI event daemon for sending events to syslog.

IRC client policy.

IRC servers.

IRQ balancing daemon.

Establish connections to iSCSI devices.

Internet Storage Name Service.

Jabber instant messaging server

Java virtual machine

Jetty - HTTP server and Servlet container

policy for jockey

policy for journalctl

Policy for KDE components

Kernel crash dumping mechanism

system-config-kdump GUI

keepalived - load-balancing and high-availability service

MIT Kerberos admin and KDC

Service for reporting kernel oopses to kerneloops.org.

policy for system-setup-keyboard daemon

policy for keystone

IEEE 802.11 wireless LAN sniffer.

Terminal emulator for Linux graphical console

Kernel Samepage Merging Tuning Daemon.

talk-server - daemon programs for the Internet talk

SELinux policy for Kubernetes container management

Hardware detection and configuration tools.

Layer 2 Tunneling Protocol daemons.

OpenLDAP directory server

Log analyzer for squid proxy.

Likewise Active Directory support for UNIX.

implementation of the Precision Time Protocol (PTP) according to IEEE standard 1588 for Linux.

Linux infared remote control daemon.

Tool for building alternate livecd for different os and policy versions.

Intel LLDP Agent.

Load keyboard mappings.

Library for locking devices.

Rotate and archive system logs

System log analyzer and reporter.

Line printer daemon

libStorageMgmt plug-in daemon

LTTng 2.x central tracing registry session daemon.

Mailman is for managing electronic mail discussion and e-newsletter lists

E-mail security and anti-spam package for e-mail gateway systems.

A Unix manpage-to-HTML converter.

policy for mandb

Linux hardware error daemon.

policy for mcollective

Mediawiki policy

high-performance memory object caching system

Milter mail filters

MiniDLNA lightweight DLNA/UPnP media server

Daemon used by MiniUPnPc to speed up device discoveries.

Mobile IPv6 and NEMO Basic Support implementation

policy for mirrormanager

policy for mock

Provides a DBus interface to communicate with mobile broadband (GSM, CDMA, UMTS, ...) cards.

MojoMojo Wiki.

policy for mon_statd

Scalable, high-performance, open source NoSQL database.

Run .NET server and client applications on Linux.

Monopoly daemon.

Detect motion using a video4linux device

Policy for Mozilla and related web browsers

Music Player Daemon.

Mplayer media player and encoder.

Network traffic graphing.

Policy common to all email tranfer agents.

Munin network-wide load graphing (formerly LRRD)

Policy for MySQL

policy for mythtv_script

New monitoring suite that aims to be faster and more stable, while giving you a clearer view of the state of your network.

Net Saint / NAGIOS - network monitoring server

policy for namespace

Cross-platform network configuration library.

Network scanning daemon.

Manager for dynamically switching between networks.

Respond to IPv6 Node Information Queries

Policy for NIS (YP) servers and clients

openstack-nova

Name service cache daemon

Authoritative only name server

nslcd - local LDAP name service daemon.

policy for nsplugin

A network traffic probe similar to the UNIX top command.

Network time protocol daemon

policy for numad

nut - Network UPS Tools

NX remote desktop.

Open AntiVirus scannerdaemon and signature update.

D-Bus service providing high-level OBEX client and server side functionality.

Oddjob provides a mechanism by which unprivileged applications can request that specified privileged operations be performed on their behalf.

An ident daemon with IP masq/NAT support and the ability to specify responses.

Open Certificate Authority.

Service for handling smart card readers.

policy for opendnssec

Fortinet compatible SSL VPN daemons.

Open source implementation of the Service Availability Forum Hardware Platform Interface.

policy for openhpid

policy for openshift

Opensm is an InfiniBand compliant Subnet Manager and Administration, and runs on top of OpenIB

full-featured SSL VPN solution.

policy for openvswitch

WS-Management Server

policy for oracleasm

Client-side service written in Python that responds to pings and runs rhn_check when told to by osa-dispatcher.

>A scalable high-availability cluster resource manager.

Passive Asset Detection System.

Ruby on rails deployment for Apache and Nginx servers.

PCMCIA card management services.

The pcp command summarizes the status of a Performance Co-Pilot (PCP) installation

PCSC smart card service.

PowerDNS DNS server.

The Open Group Pegasus CIM/WBEM Server.

Perdition POP and IMAP proxy.

pesign utility for signing UEFI binaries as well as other associated tools

Pingd of the Whatsup cluster node up/down detection utility.

policy for piranha

Implementations of the Cryptoki specification.

pkcs11proxyd-softhsm-ctl - manage the isolated PKCS #11 daemon with softhsm

policy for pki

Plymouth graphical boot

Podsleuth is a tool to get information about an Apple (TM) iPod (TM).

Policy framework for controlling privileges for system-wide services.

Caching web proxy.

Package Management System.

RPC port mapping service.

Reserve well-known ports in the RPC port range.

Portslave terminal server software.

Postfix email server

Postfix policy server.

Postfix grey-listing server.

Point to Point Protocol daemon creates links in ppp networks

Prelink ELF shared library mappings.

Prelude hybrid intrusion detection system

Privacy enhancing web proxy.

Procmail mail delivery agent

policy for prosody

Intrusion Detection and Log Analysis with iptables.

helper function for grantpt(3), changes ownship and permissions of pseudotty.

publicfile supplies files to the public through HTTP and FTP.

Pulseaudio network sound server.

Puppet client daemon

policy for pwauth

Server for the PXE network boot protocol.

Pyzor is a distributed, collaborative spam detection and filtering network.

QEMU machine emulator and virtualizer

Qmail Mail Server

policy for qpidd

Virtual network service for Openstack.

File system quota management

AMQP server written in Erlang.

RADIUS authentication and accounting server.

IPv6 router advertisement daemon.

RAID array management tools

The rasdaemon program is a daemon with monitors the RAS trace events from /sys/kernel/debug/tracing

A distributed, collaborative, spam detection and filtering network.

Network router discovery daemon.

Read files into page cache for improved performance.

dbus system service which manages discovery and enrollment in realms and domains like Active Directory or IPA

Advanced key-value store

Policy for rshd, rlogind, and telnetd.

Resource management daemon.

rgmanager - Resource Group Manager

RHCS - Red Hat Cluster Suite

rhev polic module contains policies for rhev apps

Red Hat Graphical Boot

policy for rhnsd

Subscription Management Certificate Daemon policy

Ricci cluster management agent

policy for rkhunter

CLI for running app containers

Remote login daemon.

Check and feed random data from hardware device to kernel random device.

Daemon for Linux systems providing a stable D-BUS interface to manage the deployment of Server Roles.

Roundup Issue Tracking System.

Remote Procedure Call Daemon for managment of network based process communication

Universal Addresses to RPC Program Number Mapper

Policy for the RPM package manager.

Remote shell service.

Restricted (scp/sftp) only shell.

Fast incremental file transfer for synchronization

Platform diagnostics report firmware events.

Realtime scheduling for user processes.

Who is logged in on other machines?

SMB and CIFS client/server programs for UNIX and name Service Switch daemon for resolving names from Windows NT servers.

system-config-samba dbus service.

Check file integrity.

policy for sandbox

policy for sandboxX

Sanlock - lock manager built on shared storage.

SASL authentication server

policy for sbd

Standards Based Linux Instrumentation for Manageability.

GNU terminal multiplexer

Sectool security audit tool

Policy for sendmail.

Sensor information logging daemon

SELinux troubleshooting service

Policy for gridengine MPI jobs

Shoreline Firewall high-level tool for configuring netfilter

System shutdown command

Update database for mlocate.

OpenSLP server daemon to dynamically register services.

Service for downloading news feeds the slrn newsreader.

Smart disk monitoring daemon.

Smokeping network latency measurement.

The Fedora hardware profiler client.

The SMS Server Tools are made to send and receive short messages through GSM modems. It supports easy file interfaces and it can run external programs for automatic actions.

Tools to send and receive short messages through GSM modems or mobile phones.

policy for snapperd

Simple network management protocol services.

Snort network intrusion detection system.

Generate debugging information for system.

sound server for network audio server programs, nasd, yiff, etc

Filter used for removing unsolicited email.

speech-dispatcher - server process managing speech requests in Speech Dispatcher

Alcatel speedtouch USB ADSL modem

Squid caching http proxy server.

policy for sslh

System Security Services Daemon

Instrumentation System Server

SSL Tunneling Proxy.

policy for svnserve

policy for swift

swift_alias policy module

SUID/SGID program monitoring.

Reports on various system states.

Targetd is a service to allow the remote configuration of block device volumes and file systems within dedicated pools

TCP daemon.

TSS Core Services daemon.

Telepathy communications framework.

Telnet daemon.

Trivial file transfer protocol daemon

Linux Target Framework Daemon.

thin policy

policy for thumb

Thunderbird email client.

MIDI to WAV converter and player configured as a service.

Manage temporary directory sizes and file ages.

policy for tomcat

The onion router.

Portable Transparent Proxy Solution.

File integrity checker.

Dynamic adaptive system tuning daemon.

High quality television application.

Time zone updater.

UNIX Client-Server Program Interface for TCP.

udisks - Disk Manager

Iptables/netfilter userspace logging daemon.

User mode linux tools and services.

Red Hat utility to change fstab.

Daemon to record and keep track of system up times.

List kernel modules of USB devices.

USB multiplexing daemon for communicating with Apple iPod Touch and iPhone.

SELinux utility to run a shell with a new role

User network interface configuration helper.

Unix to Unix Copy.

UUID generation daemon.

University of Washington IMAP toolkit POP3 and IMAP mail server.

Varnishd http accelerator daemon.

run real-mode video BIOS code to alter hardware state.

Spice agent for Linux.

Virtual host metrics daemon.

Libvirt virtualization API

Lock one or more sessions on the Linux console.

VMware Tools daemon

VMWare Workstation virtual machines.

Console network traffic monitor.

Virtual Private Networking client

W3C Markup Validator.

Software watchdog.

watchdog multiplexing daemon

Web administrator role.

Web server log analysis.

Wine Is Not an Emulator. Run Windows programs in Linux.

Wireshark packet capture tool.

X Window Managers

Xen hypervisor

X Windows Font Server.

Least privledge xwindows user role.

A X11-based print system and API.

Modular screen saver and locker for X11.

Yum/Apt Mirroring.

Distributed infrastructure monitoring

Zarafa collaboration platform.

Zebra border gateway protocol network routing service

policy for zoneminder

z/OS Remote-services Audit dispatcher plugin.